<?php $this->partial('aside_configure'); ?>

<div class="post">
	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.action.back_to_rss_feeds'); ?></a>

	<form method="post" action="<?php echo _url('user', 'profile'); ?>">
		<input type="hidden" name="_csrf" value="<?php echo FreshRSS_Auth::csrfToken(); ?>" />
		<legend><?php echo _t('conf.profile'); ?></legend>

		<div class="form-group">
			<label class="group-name" for="current_user"><?php echo _t('conf.user.current'); ?></label>
			<div class="group-controls">
				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
				<label class="checkbox" for="is_admin">
					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
					<?php echo _t('conf.user.is_admin'); ?>
				</label>
			</div>
		</div>

		<div class="form-group">
			<label class="group-name" for="newPasswordPlain"><?php echo _t('conf.profile.password_form'); ?></label>
			<div class="group-controls">
				<div class="stick">
					<input type="password" id="newPasswordPlain" name="newPasswordPlain" autocomplete="new-password" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
					<a class="btn toggle-password" data-toggle="newPasswordPlain"><?php echo _i('key'); ?></a>
				</div>
				<?php echo _i('help'); ?> <?php echo _t('conf.profile.password_format'); ?>
				<noscript><b><?php echo _t('gen.js.should_be_activated'); ?></b></noscript>
			</div>
		</div>

		<?php if (FreshRSS_Context::$system_conf->api_enabled) { ?>
		<div class="form-group">
			<label class="group-name" for="apiPasswordPlain"><?php echo _t('conf.profile.password_api'); ?></label>
			<div class="group-controls">
				<div class="stick">
					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="new-password" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
					<a class="btn toggle-password" data-toggle="apiPasswordPlain"><?php echo _i('key'); ?></a>
				</div>
				<?php echo _i('help'); ?> <kbd><a href="../api/"><?php echo Minz_Url::display('/api/', 'html', true); ?></a></kbd>
			</div>
		</div>
		<?php } ?>

		<?php if (FreshRSS_Auth::accessNeedsAction()) { ?>
		<div class="form-group">
			<label class="group-name" for="token"><?php echo _t('admin.auth.token'); ?></label>
			<?php $token = FreshRSS_Context::$user_conf->token; ?>
			<div class="group-controls">
				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('gen.short.blank_to_disable'); ?>"<?php
					echo FreshRSS_Auth::accessNeedsAction() ? '' : ' disabled="disabled"'; ?> data-leave-validation="<?php echo $token; ?>"/>
				<?php echo _i('help'); ?> <?php echo _t('admin.auth.token_help'); ?>
				<kbd><?php echo Minz_Url::display(array('a' => 'rss', 'params' => array('user' => Minz_Session::param('currentUser'), 'token' => $token, 'hours' => FreshRSS_Context::$user_conf->since_hours_posts_per_rss)), 'html', true); ?></kbd>
			</div>
		</div>
		<?php } ?>

		<div class="form-group form-actions">
			<div class="group-controls">
				<button type="submit" class="btn btn-important"><?php echo _t('gen.action.submit'); ?></button>
				<button type="reset" class="btn"><?php echo _t('gen.action.cancel'); ?></button>
			</div>
		</div>
	</form>

	<?php if (!FreshRSS_Auth::hasAccess('admin')) { ?>
	<form id="crypto-form" method="post" action="<?php echo _url('user', 'delete'); ?>">
		<input type="hidden" name="_csrf" value="<?php echo FreshRSS_Auth::csrfToken(); ?>" />
		<legend><?php echo _t('conf.profile.delete'); ?></legend>

		<p class="alert alert-warn"><span class="alert-head"><?php echo _t('gen.short.attention'); ?></span> <?php echo _t('conf.profile.delete.warn'); ?></p>

		<div class="form-group">
			<label class="group-name" for="passwordPlain"><?php echo _t('gen.auth.password'); ?></label>
			<div class="group-controls">
					<input type="password" id="passwordPlain" required="required" />
					<input type="hidden" id="challenge" name="challenge" /><br />
					<noscript><strong><?php echo _t('gen.js.should_be_activated'); ?></strong></noscript>
			</div>
		</div>

		<div class="form-group form-actions">
			<div class="group-controls">
				<?php
					$redirect_url = urlencode(Minz_Url::display(
						array('c' => 'user', 'a' => 'profile'),
						'php', true
					));
				?>
				<input type="hidden" name="r" value="<?php echo $redirect_url; ?>" />
				<input type="hidden" name="username" id="username" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
				<button type="submit" class="btn btn-attention confirm"><?php echo _t('gen.action.remove'); ?></button>
			</div>
		</div>
	</form>
	<?php } ?>
</div>
